Authenticating to Oracle Hospitality Property APIs

You can call Oracle Hospitality APIs using different authentication schemes depending on the scheme supported by your environment. The authentication scheme supported by your environment can be found on the environments card under the Environments tab. For more information, see Viewing Environment Details.

To call Oracle Hospitality APIs using the Client Credential based authentication scheme, you need the following pieces of information:

1. OAuth Client ID and Client Secret: These grant you access to the identity servers (OPERA Cloud Identity Management). See Environments (Gateways and Credentials) for steps on how to view or add these.

2. Application Key: A unique application key is created for each application upon registering an application in the Oracle Hospitality Developer Portal. This key must be passed in the “x-app-key” header of every request to the Oracle Hospitality APIs. To obtain your application key, refer to the Viewing the Application Key topic.

   Note:

   A new application and its corresponding application key are required when you move to Production.

3. Scope: A static variable that represents the authorization scope and permissions granted to the client for accessing the APIs from OHIP.

4. Enterprise ID: A unique ID for the enterprise for which the client is created.

To obtain your oAuth token, use the above details in the ‘Authenticate with the Identity Server’ call in the oAuth API. You can find this description in the oAuth API on the APIs page of the Developer Portal.

Send this oAuth request to the gateway URL listed in the Developer Portal.

Note:

oAuth tokens expire after 1 hour (60 minutes). Currently, we do not support refresh tokens.